Solaris Trusted Extensions Transition Guide

Device Management in Trusted Extensions

In Trusted Extensions, the allocate and deallocate commands are only available to TCB (Trusted Computing Base) processes that run in the global zone. Ordinary users must use the Device Manager GUI to allocate and deallocate devices.

Trusted Extensions device policy uses the Solaris getdevpolicy and update_drv interfaces. The Trusted Solaris 8 device policies: data_mac_policy, attr_mac_policy, open_priv, and str_type have been removed.